Yenya's World

Fri, 28 Apr 2006

Zeroconf IP addresses

I always wondered why some Windows computers have an IP address from
the 169.254/16 prefix. I have even seen this address on Apple
and Linux systems. Today my curiousity was big enough, so I have looked
up the answer.

Well, this block of IP addresses is allocated for "IPv4 link-local addresses",
and the protocol for assigning the address from this block is described in
RFC 3927. So far
I knew the term "link-local address" in connection with IPv6 only. In IPv6,
they are addresses, which are thought to be unique inside the same LAN.
It seems that Apple and Microsoft (and Sun too) have decided that they need
something similar for IPv4, in order to allow "ad-hoc" peer to peer
communication between two "random" neighbour computers, without any
prior configuration.

I was surprised that the address allocation protocol described by RFC 3927
is pretty simple and straightforward - usually I do something similar
manually when I am on a foreign network without a valid IP address and with
no BootP/DHCP server. It works the following way:

Make up some IP address from the 169.254/16 prefix.

Send an ARP query for this address.

If an ARP response is received, restart from the first point, choosing a different IP address this time.

If no ARP response is received, start using this IP address, and send an
gratuitous ARP response.

The RFC 3927 formalizes this algorithm (defining proper timeouts, etc.), and
adds a description of what to do when the IP address conflict is discovered
later (such as after joining the two previously independent networks).
Yes, it is insecure, and prune to the DoS attacks, but it is simple,
does not require any type of new packets, and works with legacy hosts.